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Method for deV^Pregistration in a wireless homVltwork 



The invention concerns a method for the registration of a device in a wireless 
home network. The invention can be used in the frame of a network based 
5 on the IEEE 1394 - 1995 serial bus standard, but is not necessarily limited to 
such an environment. 

The IEEE 1394 bus is a wired bus, and suffers from inherent drawbacks: it 
uses a cable, which is a restriction by itself compared to a wireless product, 
and the cable length between two devices is limited to 4.5 meters. The 
introduction of wireless transmissions in a IEEE 1394 - 1995 based network 
is of an obvious interest. This topic is covered by the European ETSI BRAN 
project that is standardizing a wireless 1394 network in the 5 GHz band, 
under the title 'Hiperlan type 2\ 

Hiperlan 2 is a layered standard defining a PHY layer (OSI level 1), a DLC 
layer (OSI level 2), and a few Convergence Layers for some core network 
technologies (ATM, Ethernet, IEEE 1394...). 

Hiperlan 2 proposes a security scheme based on authentication and 
20 encryption. This security scheme allows to restrict the access of the network 
to only allowed users. Hiperlan 2 is initially targetting business applications 
(corporate LANs), and thus can rely on a certain network management 
infrastructure. Hiperlan 2 requires for its authentication procedure that both 
the Mobile Terminal ('MT') and the AP/CC (Access Point - Central Controller) 
25 have a shared secret (an 'authentication key 1 ) prior to the authentication 

procedure. T his authentication key i s communicated to b oth the M T a n d the 

AP during network installation by the network manager. 



In a home environment, it is not appropriate to rely on the user to perform 
30 such installation operations. The purpose of the present invention is to 



propose a memod using mechanisms already sj^cified in Hiperlan 2 to 
perform automatic installation of home devices. 



10 



The object of the invention is a method for registering a device in a wireless 
network comprising a central access point characterized in that it comprises 
the steps of: 

-sending an identification code from the device to the access point; 
-checking by said access point whether the received identification code 
corresponds to the identification code sent by said device and if such 
checking is positive, sending an authentication key from said access point to 
said device; 

-storage of said authentication key by said device for use in authentication 
procedures between said device and said access point. 



15 According to a preferred embodiment, a unique identification code is used 
within a given network. 



20 



Further characteristics and advantages of the invention will appear through 
the description of a preferred, non-limiting embodiment of the invention. This 
embodiment will be described with the help of the following figures, which are 
an integral part of the present description: 



-Figure 1 is a schematic diagram of a network comprising two wired buses 
communicating through a wireless link. 
25 -Figure 2 is a high-level message sequence chart illustrating the messages 
exchanged between a Mobile Terminal and an Access Point for creating an 
association according to the present embodiment. 

-Figure 3 is a message sequence chart defining the messages exchanged 
between different layers of the MT and AP during one of the phases 
30 (Information Transfer) defined by the chart of figure 2. 



-Figure 4a, 4b and^R respectively represent a CMPergence Layer 
Information Container for containing Information Elements, and two 
Information Elements used during the message exchanges of the chart of 
figure 3. 

5 -Figure 5 is a message sequence chart defining the messages exchanged by 
the MT and the AP during the authentication phase of the chart of figure 2. 

The present embodiment is placed in the frame of BRAN/Hiperlan 2. More 
information concerning this environment can be found in the following 
10 document Broadband Radio Access Networks HIPERLAN Type 2 Functional 
Specification Data Link Control (DLC) layer parts 1 and 2 
(DTS/BRAN030003-1) and associated documents among which the 
document DTS/BRAN-002004-2 concerning the Radio Link Control (RLC) 
sublayer. 

15 

Figure 1 is a diagram of a network comprising an Access Point (AP) 1 and a 
Mobile Terminal (MT) 2, respectively connected to wired IEEE 1394 busses 
3 and 4. The AP and the MT form a wireless link between the two wired 
busses. 

20 It is assumed in what follows that the AP (or Central controller CC) is a 
function that may be implemented in any device. There shall be no 
prerequisite that there is one fixed AP/CC device in the home network, but 
rather that one Central Controller is selected among a number of devices 
having such a capacity. 

25 

Before a MT and the AP can associate, a preliminary key negotiation phase 

must take place in order to generate a symmetric encryption key. This 
negotiation is based on the Diffie-Hellman (DH) algorithm. The general 
mechanism of this algorithm is the following : 
30 1. The MT and the AP have agreed on a base generator g and a large 
prime number n; 
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2. Both of Wm generate a random number Wrled the Diffie-Hellman 
private value. Suppose that the MT generates the number x and the 
AP generates the number y; 

3. The MT computes its DH public value MTJDH_PV=(f mod n and 
sends it to the AP; 

4. The AP computes its DH public value AP_DH_PV-^ mod n and 
sends it to the MT. 

5. The MT computes k=APJDH_PV* mod n\ 

6. The AP computes /c'=M7_DH_P\A mod n. 

After this process, the AP and the MT can compute the shared secret 
session key since k=k'=<f y mod n. For this purpose this key, called Session 
Secret Key or 'SSK\ is computed by : 
SSK=HMA C-MD5(cf y mod n,0) 
With : 

HMAC-MD5(k,m)=MD5((k XOR opad)\MD5((k XOR ipad) | m)) 
Where : 

• k is a secret key; 

• m is the message; 

• ipad is 0x36 repeated 64 times; 

• opad is 0x5c repeated 64 times; 

• XOR is exclusive OR; 

• | is the concatenation operator. 



25 



Note that if someone eavesdrops on the communication between the MT 
and the AP, he only learns n, g, MT_DH_PV and AP_DH_PV. Thus, he 



cannot deduce the value of the key k since he does not know the secret 
random numbers x and y. 



10 



15 



20 




Once the SSK key is^fcerated, the authentication pha^fcan take place. 
This phase allows the MT to be authenticated by the AP and allows the AP 
to be authenticated by the MT. 

In Hyperlan 2, this step is based on a challenge-response approach : 

• The MT sends its identifier to the AP, encrypted with the just 
negotiated SSK encryption key; 

• The AP then sends a challenge (that is a random number) C AP to the 
MT; 

• The MT proves its identity by responding to the challenge C AP . For this 
purpose, it "signs" the challenge either with a secret key shared with 
the AP or with its private key when a PKI (Public Key Infrastructure) is 
used. The MT sends its response R(C AP ) as well as a new challenge 
Cmt to the AP; 

• The AP verifies the response R(C AP ), "signs" the challenge in 
order to prove its identity and sends back its response R(C MT ) to the 
AP; 

• The MT verifies the response RCC^t). 

If the responses R(C AP ) and R(C MT ) are correct, both MT and AP are thus 
authenticated since they proved they know a secret. 



In a business environment the authentication is configured by a network 
administrator. For a home environment, a more automatic authentication 
procedure is desirable. The interface with the user should be as simple as 
25 possible. The 1394 bus per se has "plug and play" capabilities, so it is 
desirable extend these capacities to the wireless network. 



30 



An MT wanting to associate with a network needs an authentication key that 
shall be known by the Central Controller. This authentication key is used 
during the association phase, via a challenge / response mechanism, in a 
way similar to that given above. The Hiperlan 2 standardization group thinks 
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that a single common key may be used for the whole network, and that this 
key may be based on the GUID of the first Central Controller registered in 
the network. 



5 Before using a wireless device, an installation phase will be necessary. This 
phase consists in giving the authentication key of the network to the new MT. 
According to the present embodiment, this value transfer is secured by a 
code such as a PIN code to prevent any neighbour from obtaining this key. 
It is proposed to use a same PIN code on all the devices for device 

10 installation. This PIN code is entered by the user and exchanged over the air 
interface. It is checked by the CC, that can then communicate the 
authentication key. The authentication key shall then be stored by the MTs 
(on non volatile memory), and it will be used at any power on phase to 
authenticate again. 

15 

This method focuses on devices that provide enough user interaction 
capabilities for entering the PIN code. Typically, such a device comprises a 
display and a number of keys. The device may provide an installation menu 
that the user has to select. Upon activation of the installation menu, the 
20 device erases any previously stored authentication key. Such devices may 
also be much simpler. User input may me reduced to the setting of 
microswitches. 

If the device is a CC capable device, then the device shall further ask the 
25 user : 



*A/ do you want to install a new network ? 

*B/ do you want to install a device on an existing network ? 



If the device is not a^ft capable device, then there ilSB need for this 
submenu since the user can obviously only connect this device to an existing 
network. 



5 If the user answers « A », then the device asks for a PIN code. This PIN 
code will be valid for the whole network. The device then builds an 
authentication key by concatenating its own GUID (see below) and the 
entered PIN code. The PIN code is stored in non volatile memory to be 
retrieved at each power on. The device can then start CC operation (i.e. act 

10 as an HL2 Access Point), waiting for further devices. 

The GUID is a 64-bit quantity used to uniquely identify an IEEE 1394 device. 
It consists of a 24-bit company ID (obtained from the 1394 Registration 
Authority Committee) and a 40-bit serial number assigned by the device 
manufacturer. The GUID is stored in a device's configuration ROM and is 

15 persistent over 1 394 network resets. 

Other types of identifiers may also be used, as long as it is made sure that 
no two devices in the network have the same identifier. 

If the user answers « B », then the device asks for a PIN code (that shall be 
20 the whole network PIN code, the user already initialized on the first installed 
device). The device then starts MT operation. The MT scans the spectrum, 
and looks for a beacon under the form of a BRAN frame header. When it 
finds such a beacon, and after SSK determination, using Linkjnfo 
messages, it sends the user entered PIN code to the CC. The user entered 
25 PIN code shall be encrypted using the Diffie Hellman session key (the RLC 

messages are not encrypted) The CC can then check whether the received 

PIN code (from the air interface) is the same as the one it already has. If the 
check is successful, then a positive answer is sent through the 
RLCJNFO_ACK message, with the authentication key (the authentication 
30 key is also encrypted using the Diffie-Hellman session key). Otherwise a 
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denial is sent^^the RLCJNFO_ACK. More d^fc of the exchange are 
given in figure 3. 



5 If the MT receives the authentication key, the installation phase is ready. The 
MT shall store the key in a non-volatile memory. It could also store the 
NETJD (contained in a field of the BCCH) that can help in further frequency 
scanning. The NETJD does not uniquely identify a network, but can simplify 
the frequency scanning and avoid useless authentication tentatives. 

10 It can then further run the power-on, or booting, procedure (see below). If the 
device does not get the authentication key, it shall look for another 
frequency, and thus for another CC and try again. 

According to the present example, the PIN code and the authentication key 
is are part of the CLJnfo container, and thus described for each convergence 
layer. Another possibility is to make it part of the DLC layer container since it 
contains data that is relevant to the DLC layer. 

Figure 4a represents the convergence layer information container's format 
20 (CLJayercontainer). It contains several Information Elements (lEs). Figures 
4b and 4c represent the formats of two lEs which are needed for the 
protocol, namely the PIN code IE and the Authentication key IE, and 
contained in the convergence layer container. The variable 
f Authentication_key) is equal to the concatenation of the GUID of the first 
25 installed GUID and the PIN code. 



The procedure at power on is the following: An MT only device searches for 
the beacon by scanning the available frequencies. If it previously stored a 
network identifier (NetJD), it first searches for the BCCH field containing this 
30 identifier. Once the BCCH is found, encryption and authentication steps are 



carried out. If the BC^Wwith the correct NetJD is is n 
other identifiers may be searched for. 



bund, CCs with 



No specific parameter is needed in the RLC_Authentication message (since 
5 a single key is used). The authentication key (GUID + PIN code) is used by 
the MT to compute the challenge response sent in the 
RLC_Authentication__AP message. The same authentication key (GUID + 
PIN code) is used by the AP/CC to check whether the device is allowed or 
not (whether it shares the same key), and thus to generate the response. 
10 If the MT is authenticated, then it can complete the association phase and 
join the network. Otherwise it tries on another CC. 

Figure 5 describes the message exchange of the authentication procedure. 

The described method may be extended to multiple authentication keys. 
15 The major drawback of the present approach appears to uninstall some 
devices : when the user wants to remove only part of his devices (at least 
one stolen device), he has to change the pin code, and to reinstall all his 
wireless devices. 

This drawback disappears when one authentication key is used for each 
20 device. 

The same procedures and message sets can be used for a multiple 
authentication key network with the following modifications: 



-Installation phase : 

25 During installation, the MT has to send its GUID to the CC. The MT GUID 

concatenated to the PIN code is the MT authentication key. The 

authentication_key IE can be used (or even a new information element can 
be defined, without the Accept/denied flag), and can be carried in the 
RLCJNFO message. The Authentication key sent in the RLCJNFO 
30 message has to be encrypted using the Diffie-Hellman session key. 
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The PIN code is used by the CC to check whetherfhe MT is allowed to be 
installed. If the PIN code test matches, then the authentication key of the MT 
is stored by the CC in non volatile memory. 

The RLCJNFO_ACK in that case just contains the accept/denied flag. No 
authentication key is needed. 



-Power on phase 

During Authentication phase, the RLC_Authentication message sent by the 
MT to the CC shall contain the authentication ID of the MT (which is the 
10 GUID of the MT). Then the authentication key to be used for the challenge / 
response exchange shall be the MT GUID concatenated to the PIN code. 



This approach allows a user to remove one device without needing to 
15 reinstall his complete network. 

The invention has several advantages. User involvement is reduced to just 
entering a PIN code during device installation. Also, the PIN code provides a 
good level of security for device installation and guarantees that devices are 
20 wirelessly installed to the appropriate network 
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GLOSSARY 
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ACF 


Association Control Function 




BCCH 


Broadcast Control CHannel 




CL 


Convergence Layer 




DLC 


Data Link Control Layer 




ENV 


Environment Layer (Convergence Layer) 


10 


GUID 


Global Unique Identifier 




MAC 


Medium Access Control 




NETJD 


Network Identifier 




PHY 


Physical Layer 




PIN 


Personal Identification Number 


15 


RLC 


Radio Link Control Protocol 




SSK 


Session Secret Key 
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CLAIMS 



1 . Method for registering a device in a wireless network comprising a central 
5 access point characterized in that it comprises the steps of: 

-sending an identification code from the device to the access point; 
-checking by said access point whether the received identification code 
corresponds to the identification code sent by said device and if such 
checking is positive, sending an authentication key from said access point to 
10 said device; 

-storage of said authentication key by said device for use in authentication 
procedures between said device and said access point. 

2. Method according to claim 1, characterized in that a unique identification 
15 code is used within a given network. 



0 



THIS PAGE BLANK (uspto) 



• 



Abstract 



5 The invention concerns a method for registering a device in a wireless 
network comprising a central access point. 
The method comprises the steps of 

-sending an identification code from the device to the access point; 
-checking by said access point whether the received identification code 
10 corresponds to the identification code sent by said device and if such 
checking is positive, sending an authentication key from said access point to 
said device; 

-storage of said authentication key by said device for use in authentication 
procedures between said device and said access point. 

15 

The invention is applicable among others in digital home networks. 



Figure 2 
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